EiweInfosec leaders, what resources, white papers, blogs, research have you come across regarding what an appropriate size for an infosec team is at various types and sizes of companies?
I have seen some research from Gartner and CMU. But they mostly discuss huge orgs. I'm specifically interested in orgs around 800-1000 employees in a healthcare environment. So, HIPAA and troves of ePHI. Perhaps that helps.
Whatchu got? π
#infosec #informationsecurity #cybersecurity #staffing #teamsize #grc